Phishing and Spear Phishing - What is it?

"Phishing" attacks use email or malicious websites (reached by clicking a link) to collect personal and financial information, or to infect your machine with malware and viruses.

"Spear Phishing" is a highly specialized email attack against a specific target or small group of targets to collect information or gain access to systems.



Good Things to Look For:
1.  "Simple. Safe. Smart" at the bottom of the email.

2.  An email about your email account will be signed by an actual person from OIS, for example:
 -- Angela Neria, CIO; Tim Pearson, Asst Director of Infrastructure and Security; Amanda Williams, IT Security Officer; Jeff Schooley, Gorilla Geeks


Red Flags:
1.  Red Flag - Who is the message From? Who is the Reply-To?
 -- In Zimbra, if you hover over the From or Reply-To name or any clickable link, it will display the actual email address or web address.
 -- It is easy to fake a From email address.  Don't be fooled even if the From is @pittstate.edu.
 -- Does the web address start with www.pittstate.edu or go.pittstate.edu?  If not, be suspicious.

2.  Red Flag - A sense of urgency.
 -- If you don't take action right now your email account will be closed.

3.  Red Flag - Asks for personal information.
 -- Your email password is personal information!

4.  Red Flag - Bad grammar, odd formatting, or misspelled words.

5.  Red Flag - The email is not signed by an actual person, or there is no phone number to call for questions.
 -- The closing is from a generic "System Administrator", "Information Technology Services", or "IT Help Desk" instead of an actual person.

NOTE: 
With a spear phishing attack, you may even see words like "OIS", "Zimbra", "Pittsburg State University" - The inclusion of these words does not make the email any more legitimate.  This just means the attackers have done their research.
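The red flags above can be checked mechanically. The script below is an added example (not OIS code) that uses only Python's standard library to parse a raw email, compare the From and Reply-To domains, reveal the real host behind every link (what hovering in Zimbra shows you), and scan the text for urgency language, password requests, a generic sign-off, and a missing phone number. The two sample messages, their addresses and the `.example` hosts are constructed for illustration; the trusted-host list follows the page's own rule (www.pittstate.edu / go.pittstate.edu).

```python
"""Phishing red-flag checker based on the heuristics listed on this page.

Added example, not code from OIS.  Sample messages below are constructed.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_HOSTS = {"www.pittstate.edu", "go.pittstate.edu"}      # the page's rule
URGENCY = ("right now", "immediately", "within 24 hours", "will be closed", "suspended")
GENERIC_SIGNERS = ("system administrator", "information technology services", "it help desk")
PHONE_RE = re.compile(r"\d{3}-\d{4}|extension \d{4}")


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs: the real target vs. what the reader sees."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _body(msg):
    """Return the decoded text of all text/plain and text/html parts."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    texts = [p.get_payload(decode=True).decode("utf-8", "replace")
             for p in parts if p.get_content_type() in ("text/plain", "text/html")]
    return "\n".join(texts)


def red_flags(raw_message):
    """Return a list of (code, detail) tuples, one per red flag found."""
    msg = message_from_string(raw_message)
    flags = []

    # Red flag 1: who is it From, and where does a reply actually go?
    _, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", from_addr))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = reply_addr.rpartition("@")[2].lower()
    if reply_domain and reply_domain != from_domain:
        flags.append(("reply-to-mismatch", f"Reply-To domain {reply_domain} != From domain {from_domain}"))

    # Red flag 1 (links): the real host behind each link must be a PSU host.
    body = _body(msg)
    collector = _LinkCollector()
    collector.feed(body)
    for href, shown in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if host not in TRUSTED_HOSTS:
            flags.append(("untrusted-link", f"link goes to {host!r} but is shown as {shown!r}"))

    # Red flags 2, 3 and 5: urgency, password request, generic sign-off, no phone number.
    text = re.sub(r"<[^>]+>", " ", body).lower()
    if any(phrase in text for phrase in URGENCY):
        flags.append(("urgency", "message pressures you to act now"))
    if "password" in text:
        flags.append(("asks-password", "message asks for your password"))
    if any(signer in text for signer in GENERIC_SIGNERS):
        flags.append(("generic-signer", "signed by a generic role, not a person"))
    if not PHONE_RE.search(text):
        flags.append(("no-phone", "no phone number to call with questions"))
    return flags


# Constructed sample: a spear-phish that name-drops Zimbra and fakes a PSU From address.
PHISH = """From: "PSU IT Help Desk" <helpdesk@pittstate.edu>
Reply-To: account-verify@mail-secure-login.example
Subject: Your mailbox will be closed
Content-Type: text/html

<p>Dear user, your Zimbra account will be closed within 24 hours unless you
verify your password at <a href="http://pittstate-edu.example/verify">www.pittstate.edu/verify</a>.</p>
<p>System Administrator</p>
"""

# Constructed sample: a legitimate notice, signed by a person with a number to call.
LEGIT = """From: "OIS Staff Member" <staff.member@pittstate.edu>
Subject: Scheduled Zimbra maintenance
Content-Type: text/plain

Zimbra will be unavailable Saturday from 2 to 4 a.m. for maintenance.
Questions: call the Gorilla Geeks at extension 4600.

OIS Staff Member, Office of Information Services
Simple. Safe. Smart
"""

if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, red_flags(raw))
```

Running the script lists six red flags for the constructed phish (Reply-To mismatch, a link whose real host is not a PSU host, urgency, a password request, a generic sign-off, and no phone number) and none for the legitimate notice. Note that the phish passes the naive "From is @pittstate.edu" test, which is exactly why the page says not to rely on it.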


How this affects you:
1.  When people get reeled in, PSU is placed on automated email blacklists all over the world.

2.  Once we are blacklisted, legitimate emails from ANY PSU address are refused.  PSU also uses these lists to block emails.

3.  OIS makes individual contact with the administrators of all the various blacklists and politely requests to be removed.  At some point, some of these blacklist administrators may get "fed up" with PSU and delay or refuse our removal request.

4.  This cripples our ability to communicate with other institutions, vendors, regulatory agencies, and with our students.



Rules to Remember:
1.  NEVER, ever, under any circumstances provide your password in response to a request you received in e-mail, or as a result of clicking on a link in an email.  NEVER, ever, no matter what.  To be extra cautious, DO NOT click the link.

2.  If you think an email is suspicious, call or email the Gorilla Geeks and confirm before taking action.  From off campus, call 620-235-4600.  On campus call extension 4600.  Email geeks@pittstate.edu from anywhere.

3.  When in doubt, throw it out!


Legitimate emails from the Office of Information Services at PSU about your account(s) will NEVER, ever, ask for your password.



A short video on email and Phishing:

https://www.securingthehuman.org/resources/ncsam